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REMARKS 

The application has been reviewed in light of the Office Action dated January 13, 
2005. Claims 1-16 and 18-33 are pending in this application, with claims 1 and 13-16 
being in independent form. The claims have not been amended. It is submitted that no 
new matter has been added and no new issues have been raised by the present Request 

Claims 1-5, 10-16, 18-20, and 31-33 were rejected under 35 U.S.C. §1 02(e) as 
allegedly anticipated by U.S. Patent No. 6,1 67,520 to Touboul et al. Claims 6-9, and 21-30 
were rejected under 35 U.S.C. §1 03(a) as allegedly unpatentable over U.S. Patent No. 
6,1 67,520 to Touboul et al. in view of U.S. Patent No. 5,623,600 to Ji et al. Applicants have 
carefully considered the Examiner's comments and the cited art, and respectfully submit 
independent claims 1 and 1 3-1 6 are patentably distinct from the cited art, for at least the 
following reasons. 

Independent claim 1 relates to a method of preventing undesirable activities of 
executable objects via an application, comprising denying to the application, or one of more 
of its threads, access to a secured resource if the application, or one or more of its threads 
has previously exhibited Internet behavior and has not met a specific condition for 
accessing the secured resource, and denying the application, or one or more of its threads, 
Internet behavior if, at a time access is sought to the Internet, the application, or one or 
more of its threads is accessing a secured resource. 

According to an embodiment of the present disclosure, whenever an application 
exhibits Internet behavior (e.g., opens a connection to the Internet), the event is recorded 
in memory. A record is also kept of secured resources. When the same application that 
has previously exhibited Internet behavior attempts to access a secured resource, access 
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is denied unless a specific condition is met (See page 11, last paragraph - page 12, first 
paragraph.) Of course, the claims are not limited to the disclosed embodiments. 

Touboul relates to a method and system for protecting a client during runtime from 
hostile executables by comparing information pertaining to the executable against a 
predetermined security policy. As understood by the Applicants, various probes are 
provided for recognizing various types of applet instructions. When any of the probes 
recognizes an applet instruction, the recognizing probe sends a message to inform an 
event router. Upon receipt of the message, it is forwarded to a GUI for notifying the user of 
the request, to a log for recording the message and to a monitor to determine whether the 
request violates a security rule. Security rules may include a list of suspicious operations 
such as READ/WRITE operations to a system configuration file, READ/WRITE operations 
to a document containing trade secrets, overuse of system memory, overuse of system 
processor time, too many applets running concurrently, or too many images being 
displayed concurrently. Upon recognition of a security rule violation, a monitor records the 
violation in a log, informs the user via a GUI and forwards a message to a response 
engine. The response engine may then terminate the applet, limit the memory or 
processor time available to the applet (See col 4, linesl 0 - 61 .) 

In contrast, as recited in claim 1 , the application or one of more of its threads, are 
denied access to a secured resource if the application, or one or more of its threads has 
previously exhibited Internet behavior and has not met a specific condition for accessing 
the secured resource. In addition, independent claim 1 denies the application, or one or 
more of its threads, Internet behavior if, at a time access is sought to the Internet, the 
application, or one or more of its threads is accessing a secured resource. 
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Accordingly, Applicants submit independent claim 1 is patentably distinct from the 
cited art. 

Independent claims 1 3-1 6 are believed to be patentably distinct for at least one or 
more of the reasons described above. 

The Office is hereby authorized to charge any additional fees that may be required 
in connection with this amendment and to credit any overpayment to our Deposit Account 
No. 03-3125. 

If a petition for an extension of time is required to make this response timely, this 
paper should be considered to be such a petition, and the Commissioner is authorized to 
charge the requisite fees to our Deposit Account No. 03-3125. 

If a telephone interview could advance the prosecution of this application, the 
Examiner is respectfully requested to call the undersigned attorney. 

Entry of this Request and allowance of this application are respectfully 
requested. 



Respectfully submitted, 




RICHARD F. JAyVORSKI 
Reg. No.33,515 
Attorney for Applicants 
Cooper & Dunham LLP 
Tel.: (212)278-0400 



